OAuth2.0协议业界实现【4】

235 阅读1分钟

Google

根据Goolge相关文档:

授权和验证

image.png

Google开源auth源码

image.png

Google Oauth接入指导

image.png

Using JWT OAuth tokens

image.png

因此Google使用Oauth和JWT生成token和鉴权。

FaceBook

FaceBook token校验

A successful login in Limited Login returns an AuthenticationToken instance. This is a JSON web token (JWT) containing your nonce, if you provided one, a signature, and other pieces of information. Your app should validate the token to make sure it is authentic.

Check that the JWT consists of three Base64Url-encoded parts separated by periods:

  • Header
  • Payload
  • Signature

Parse the JWT to extract the three parts. Decode the payload and verify that it is a valid JSON object.

Apple

token验证

image.png

JWT token生成方法

image.png